[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Unsupported packages for Wheezy LTS

Hello,

On Thu, 12 May 2016, Markus Koschany wrote:
> I saw those commits too yesterday. I would suggest that we discuss EOLed
> packages on debian-lts before we mark CVEs as unsupported in Wheezy LTS.

Definitely, we should not mark CVE as "end-of-life" before we agreed to
mark it as such in debian-security-support...

That said for vlc I think no customers expressed any need for that
package.

So I think we can stick to this decision and actually put it into
debian-security-support, even if we are going to support libav...
because vlc has many security issues of its own and contrary to libav
it's not a reverse dependency for many packages AFAIK.

> findings. The same goes for vlc and Brian May's investigation into the
> maintainability of libav and related apps. In any case we should always
> update debian-security-support as well when we decide to end support for
> packages.

And announce those changes at the same time ideally.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Reply to: